﻿<?php
//变量区
session_start();
//$_SESSION["user_id"]="lincong";

$serv_name = "localhost";  //数据库主机名
$db_id = "";        //数据库用户名
$db_psw = "";        //数据库密码
$db_name = "hx_docmgr";        //数据库名
$conn=mysql_connect($serv_name,$db_id,$db_psw) or die("无法连接服务器！请联系林聪，QQ:159257119。");
mysql_select_db($db_name,$conn) or die("无法连接数据库！请联系林,聪QQ:159257119。") ;







//函数区
function alert_error($msg,$err_id){
	if(isset($msg)){
		if(empty($msg) && isset($HTTP_REFERER)){
			echo "<script>parent.location.href='index.php?error_msg=出错了！错误信息未能获取。请联系林聪。来源页地址：".$HTTP_REFERER."</script>";
			exit;
			}else{
				if(empty($err_id)){
					echo "<script>parent.location.href='index.php?error_msg=出错了！错误信息：".$msg." 错误编号：无。'</script>";
					exit;
					}else{
						echo "<script>parent.location.href='index.php?error_msg=出错了！错误信息：".$msg." 错误编号：".$err_id."'</script>";
						exit;
						}				
				}
		}else{
			echo "<script>parent.location.href='index.php?error_msg=出错了！错误信息未设置。请联系林聪。来源页地址：".$HTTP_REFERER."</script>";
			exit;
			}
			echo "错误信息无法处理，严重系统错误，请联系林聪！";
			exit;
	}
	
function check_login(){
	if(!isset($_SESSION["user_id"]) or empty($_SESSION["user_id"])){
		alert_error("您未登录，请登录后操作！",null);
		}	
	}
	
//登录函数，可以区分ADMIN&US
function login_in($uid,$pwd,$isadmin){
	//$uid[0]=strtoupper($uid[0]);//首字母大写转换
	if($isadmin){
	$sql="select count(*) from admin where admin_id='".$uid."'";//查找id数
	$total=mysql_fetch_row(mysql_query($sql)) or die("<script>alert('出错了，错误编号00001，请将编号提交至林聪。'); location.href='index.php?error_msg=出错了，错误编号00001，请将编号提交至林聪。';</script>");
	$user_id=$total[0];
	}else{
		$sql="select count(*) from user where user_id='".$uid."'";//查找id
		$total=mysql_fetch_row(mysql_query($sql)) or die("<script>alert('出错了，错误编号00002，请将编号提交至林聪。'); location.href='index.php?error_msg=出错了，错误编号00002，请将编号提交至林聪。';</script>");
		$user_id=$total[0];
		}
	if ($user_id<1){
		alert_error("您输入的用户名不存在！请检查后重新登录！您刚才的登录信息已被系统记录！","ERR_CHECK_LOGIN_FAILED");
		exit;
		}else{
			
			if($isadmin){
			$sql="select * from admin where admin_id='".$uid."'";
			mysql_query("set names utf8");
			while($rs=mysql_fetch_array(mysql_query($sql))){
				$pwd=md5($pwd);
				if($pwd==$rs["admin_pwd"]){
					$_SESSION["user_id_num"]=$rs["id"];
					$_SESSION["user_id"]=$rs["admin_id"];
					$_SESSION["user_name"]=$rs["nick_name"];
					$_SESSION["user_pwd"]=$rs["user_pwd"];
					$_SESSION["user_group_id"]=$rs["group_id"];
					$_SESSION["user_group_name"]=$rs["group_name"];
					$_SESSION["user_ip"]=$_SERVER['REMOTE_ADDR'];
					$_SESSION["access"]=$rs["access"];
					header("location:main.php");
					exit;
					}else{
						alert_error("您输入的密码不正确！请检查后重新登录！您的电脑信息已被系统记录！","ERR_ADMINPWD_NOT_ALLOW");
						}			
				}				
				}
				
				if(!$isadmin){
					$sql="select * from user where user_id='".$uid."'";
					mysql_query("set names utf8");
					while($rs=mysql_fetch_array(mysql_query($sql))){
						$pwd=md5($pwd);
						if($pwd==$rs["user_pwd"]){
							$_SESSION["user_id_num"]=$rs["id"];
							$_SESSION["user_id"]=$rs["user_id"];
							$_SESSION["user_name"]=$rs["nick_name"];
							$_SESSION["user_pwd"]=$rs["user_pwd"];
							$_SESSION["user_group_id"]=$rs["group_id"];
							$_SESSION["user_group_name"]=$rs["group_name"];
							$_SESSION["user_ip"]=$_SERVER['REMOTE_ADDR'];//获取IP
							$_SESSION["access"]="kefu";
							header("location:main.php");
							exit;
							}else{
								alert_error("您输入的密码不正确！请检查后重新登录！您的电脑信息已被系统记录！","ERR_USERPWD_NOT_ALLOW");
								}
						}									
					}				
			}	
}

//退出登录函数
function login_out(){
	session_destroy();
	echo "<script>location.href='index.php'; window.parent.location.reload();</script>";
	}

//function show_left_menu1($parent_id = 0) {
//    /*执行sql查询，获取记录的标题和id*/
//    $sql = "select * from doc_menu_tree where parent_id = $parent_id order by child_id asc";
//    mysql_query("SET NAMES UTF8");
//	$rs = mysql_query($sql);
//    /* 缩进*/
//	$j=1;
//    echo "
//	<div id='box_ul'>
//	";	
//	//while($rc=mysql_fetch_row(mysql_query("select parent_id from ")))	
//    while($ra = mysql_fetch_row($rs)) {
//        /* 显示记录标题 */
//        echo "
//		<div id='box_li'><a href='doc_detail.php?doc_id=".$ra[0]."' target='mainFrame'>".$ra[2]."</a></div>
//		";
//        /* 递归调用 */
//		$j=$j+1;
//        show_left_menu($ra[0]);
//    }	
//    echo "
//	</div>
//	";
//}

//左侧文档树型显示
function show_left_menu(){
	$sql_folder="select * from doc_folder";
	mysql_query("SET NAMES UTF8");
	$result_folder=mysql_query($sql_folder) or die("<script>alert('出错了！错误编号：00003，请将此编号提交至林聪。'); parent.location.href='index.php?error_msg=出错了！错误编号：00003，请将此编号提交至林聪。'</script>");
	if (!$result_folder){
		alert_error("出错了！请将此编号提交至林聪。","00004");
		exit;
		}else{
		$i=0;
	    while($rs_folder=mysql_fetch_array($result_folder)){
		echo "
		<div>
		<div id='folder_".$i."' onclick=\"show_sub_folder('".$i."');\" onmouseover='showhand(this);'><img src='src/img/ul.gif'>".$rs_folder["folder_name"]
		."</div>
		<div id='sub_folder_".$i."' style='display:none;'>";
		//内部查找文件
		$sql_file="select count(*) from doc_file where folder_id=".$rs_folder["id"];
		$total=mysql_fetch_row(mysql_query($sql_file)) or die("error_pltitle_count!");//执行一下
        $Total = $total[0];
		if($Total==0){
			echo "<div><a href='doc_add_init.php?folder_id=".$rs_folder["id"]."' style='padding-left:20px;' target='mainFrame'>此目录无文件,点此上传新文件</a><div>";
			}else{
			$sql_file="select * from doc_file where folder_id=".$rs_folder["id"];
		$result_file=mysql_query($sql_file) or die("<script>alert('出错了！错误编号：00005，请将此编号提交至林聪。'); parent.location.href='index.php?error_msg=出错了！错误编号：00005，请将此编号提交至林聪。'</script>");
				$j=0;
				while($rs_file=mysql_fetch_array($result_file)){
					echo "
					<div id='file_".$j."' style='padding-left:20px;'><a href='doc_detail.php?doc_id=".$rs_file["id"]."' target='mainFrame'><img src='src/img/li.gif' border='0'>".$rs_file["file_name"]."</a></div>
					";					
					$j=$j+1;					
					}echo "<a href='doc_add_init.php?folder_id=".$rs_folder["id"]."' style='padding-left:20px;' target='mainFrame'>点此上传新文件</a>";
					echo "
		</div>";				
				}
		$i=$i+1;
		echo "
		</div>
		</div>";
		}
	}
	}

function folder_addnew($new_folder_name){
	$sql = "INSERT INTO `doc_folder` (`folder_name`) values('".$new_folder_name."')";
	mysql_query("SET NAMES UTF8");
	mysql_query($sql) or die("<script>alert('添加新文件夹失败！错误代码：00006。请将此代码提交至林聪。'); location.href='index.php?error_msg=添加新文件夹失败！错误代码：00006。请将此代码提交至林聪。';</script>");
	echo "<script>alert('添加成功！'); location.href='left.php';</script>";	
	}

function doc_get_init(
					  $doc_name,
					  $doc_folder_id,
					  $doc_folder_name,
					  $doc_ver_full,
					  $ver_1,
					  $ver_2,
					  $ver_3,
					  $ver_4,
					  $ver_5,
					  $ver_6,
					  $doc_add_time,
					  $doc_content,
					  $upfile_path,
					  $upfile_sha1,
					  $upfile_name,
					  $upfile_info_dev,
					  $upfile_info_ino,
					  $upfile_info_mode,
					  $upfile_info_nlink,
					  $upfile_info_uid,
					  $upfile_info_gid,
					  $upfile_info_rdev,
					  $upfile_info_size,
					  $upfile_info_atime,
					  $upfile_info_mtime,
					  $upfile_info_ctime,
					  $upfile_info_blksize,
					  $upfile_info_blocks,
					  $upfile_size,
					  $upfile_type
					  ){
	//echo $ver_3;
	//exit;
	$doc_owner_id=$_SESSION["user_id_num"];
	$doc_owner=$_SESSION["user_name"];
	$doc_owner_ip=$_SESSION["user_ip"];
	//$owner=$_SESSION["user_name"];
	//$owner=$_SESSION["user_name"];
	if(empty($doc_name) || empty($doc_ver_full) || empty($ver_1) || empty($ver_2) || empty($doc_add_time) || empty($upfile_path) || empty($upfile_sha1) || empty($upfile_name) || empty($upfile_size) || empty($upfile_type)){
		//alert_error("文档初始化函数处理失败，程序返回参数为空！","00009");
		echo "asd";
		}else{

			$sql_file="INSERT INTO `hx_docmgr`.`doc_file` (
					`file_name` ,
					`file_order` ,
					`folder_id` ,
					`file_state` ,
					`hold_user_id` ,
					`hold_user_name` 
					)
					VALUES (
					'$doc_name',
					'0',
					'$doc_folder_id',
					'open',
					'$doc_owner_id',
					'$doc_owner'
					)					
					";
			mysql_query("set names utf8");
			mysql_query($sql_file) or die(mysql_error());
			$sql_read_doc_id="SELECT id FROM `doc_file` where hold_user_id=".$doc_owner_id." order by id desc limit 1";
			//echo $sql_read_doc_id."<br>";
			//exit;
			mysql_query("set names utf8");
			$result_read_doc_id=mysql_query($sql_read_doc_id) or die(mysql_error());
			while($rs_read_doc_id=mysql_fetch_row($result_read_doc_id)){
				$doc_file_id=$rs_read_doc_id[0];
				//echo $doc_file_id;
				//exit;
				if(empty($doc_file_id)){
					alert_error("文档初始化失败！原因是数据库错误，程序无法得到文件信息","00014");					
					}else{
							$sql="INSERT INTO `hx_docmgr`.`doc_file_list` (
							`doc_folder_id` ,
							`doc_folder_name` ,
							`doc_name` ,
							`doc_version` ,
							`doc_ver_1` ,
							`doc_ver_2` ,
							`doc_ver_3` ,
							`doc_ver_4` ,
							`doc_ver_5` ,
							`doc_ver_6` ,
							`doc_owner` ,
							`doc_owner_id` ,
							`doc_owner_ip` ,
							`doc_add_time` ,
							`doc_content` ,
							`doc_path` ,
							`doc_sha1` ,
							`doc_real_name` ,
							`doc_info_dev` ,
							`doc_info_ino` ,
							`doc_info_mode` ,
							`doc_info_nlink` ,
							`doc_info_uid` ,
							`doc_info_gid` ,
							`doc_info_rdev` ,
							`doc_info_size` ,
							`doc_info_atime` ,
							`doc_info_mtime` ,
							`doc_info_ctime` ,
							`doc_info_blksize` ,
							`doc_info_blocks` ,
							`file_size` ,
							`file_type` ,
							`is_init_version` ,
							`download_count` ,
							`view_count` ,
							`doc_file_id` ) 
				  VALUES (
						  '$doc_folder_id',
						  '$doc_folder_name',
						  '$doc_name',
						  '$doc_ver_full',					
						  '$ver_1',
						  '$ver_2',
						  '$ver_3',
						  '$ver_4',
						  '$ver_5',
						  '$ver_6',
						  '$doc_owner',
						  '$doc_owner_id',
						  '$doc_owner_ip',
						  '$doc_add_time',
						  '$doc_content',
						  '$upfile_path',
						  '$upfile_sha1',
						  '$upfile_name',
						  '$upfile_info_dev',
						  '$upfile_info_ino',
						  '$upfile_info_mode',
						  '$upfile_info_nlink',
						  '$upfile_info_uid',
						  '$upfile_info_gid',
						  '$upfile_info_rdev',
						  '$upfile_info_size',
						  '$upfile_info_atime',
						  '$upfile_info_mtime',
						  '$upfile_info_ctime',
						  '$upfile_info_blksize',
						  '$upfile_info_blocks',
						  '$upfile_size',
						  '$upfile_type',
						  '0',
						  '0',
						  '0',
						  '$doc_file_id'
						 )";				
				  mysql_query("set names utf8");
				  mysql_query($sql) or die(mysql_error());
				  echo "<script>alert('信息：新文件版本已建立 ".$doc_ver_full."\\n文档名称：". $doc_name."\\n文档拥有者：".$doc_owner."\\n文档大小：".$upfile_size."\\n文档指纹：".$upfile_sha1."\\n若发现上述信息错误请立即通知林聪。'); parent.leftFrame.location.reload(); location.herf='doc_detail.php?dic_id=".$doc_file_id."';</script>";	
				  echo "信息处理中，请稍等！";
				  exit;
						}
				
				}	

			}	
	
	}


?>


